Slashdot Mirror


This Unusual Botnet Targets Scientists, Engineers, and Academics (zdnet.com)

schwit1 quotes a report from ZDNet: A botnet and cyberattack campaign is infecting victims across the globe and appears to be tracking the actions of specially selected targets in sectors ranging from government to engineering. Researchers from Forcepoint Security Labs have warned that the campaign it has dubbed 'Jaku' -- after a planet in the Star Wars universe because of references to the sci-fi saga in the malware code -- is different to and more sophisticated than many botnet campaigns. Rather than indiscriminately infecting victims, this campaign is capable of performing "a separate, highly targeted operation" used to monitor members of international non-governmental organizations, engineering companies, academics, scientists and government employees, the researchers said. The findings are set out in Forcepoint's report on Jaku, which outlines how of the estimated 19,000 unique victims, 42 percent are in South Korea and a further 31 percent in Japan. Both are countries and neighbors of North Korea. A further nine percent of Jaku victims are in China, six percent in the US, with the remainder spread across 130 other countries.

67 comments

  1. Are there any viable North Korean targets? by ComputerGeek01 · · Score: 3, Insightful

    There are also no instances of Jaku targeting North Korean victims.

    North Korea is thought to be 20 years behind every other country listed in terms of engineering and they use a proprietary OS. What would the antagonist hope to dig out of NK that they can't get elsewhere with no additional coding work?

    1. Re:Are there any viable North Korean targets? by Anonymous Coward · · Score: 1

      proprietary OS

      If by proprietary you mean a Linux distribution with an ugly UI and probably a fair bit of government sanctioned spyware, then yes they are using a proprietary OS.

    2. Re:Are there any viable North Korean targets? by AmiMoJo · · Score: 4, Interesting

      NK buys most of its tech from the same place that everyone else does: China. As you say, the main difference is that they mandate the use of a more secure OS.

      It's interesting that the internet levels the playing field so much between countries with a vast, powerful military, a poor dictatorship and a teenager in their bedroom in Bulgaria.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    3. Re:Are there any viable North Korean targets? by Dan East · · Score: 1

      the main difference is that they mandate the use of a more secure OS.

      I think it's funny you word it that way. Secure from whom, exactly? Maybe we should all be using their OS since it's so "secure".

      --
      Better known as 318230.
    4. Re:Are there any viable North Korean targets? by Anonymous Coward · · Score: 0

      There are also no instances of Jaku targeting North Korean victims.

      North Korea is thought to be 20 years behind every other country listed in terms of engineering and they use a proprietary OS. What would the antagonist hope to dig out of NK that they can't get elsewhere with no additional coding work?

      Besides, there are no North Korean victims according to the memo from their "Dear Leader". Not even those in the labor camps.

    5. Re:Are there any viable North Korean targets? by Anonymous Coward · · Score: 0

      "North Korea is thought to be 20 years behind every other country listed in terms of engineering "

      The F-22 is a 1980s design.

    6. Re:Are there any viable North Korean targets? by swb · · Score: 1

      Is the playing field *really* that level?

      The US has spent at least the last decade hoovering data and penetrating networks on a global scale, including the ability to tap undersea fiber optics, intercepting and backdooring hardware shipments, and been tied to destroying airgapped centrifuges with a computer virus and even possibly knocking North Korea off the internet briefly.

      And those are things we know about. Then there's other, unlevel playing field options like a global special forces capability to gain clandestine physical access to infrastructure, an entire constellation of satellites and until very recently the ability to fly into space and take or modify satellites.

    7. Re: Are there any viable North Korean targets? by Anonymous Coward · · Score: 0

      What does that have to do with it? Advanced aircraft easily take a decade or more to design, test, produce, and field in addition to training all the pilots and support personnel required to fly and maintain the airframe. So, apples and oranges. Also, various aspects of the internet are still mired in 1970's technology. TCP/IP stack comes to mind. In any case, different technologies progress at different rates. Complexity plays a huge role.

    8. Re:Are there any viable North Korean targets? by cyriustek · · Score: 1

      North Korea is thought to be 20 years behind every other country listed in terms of engineering and they use a proprietary OS. What would the antagonist hope to dig out of NK that they can't get elsewhere with no additional coding work?

      I would not assume that NK is 20 years behind, especially on their hacking ability. They have been sending teams of people to exploitation training.

      NK does have some interesting things to hack into as well. The western world is interested in the DPRK's nuclear program, and it would not be surprising if a 'Stuxnet-like' application was used at some point to affect their operations as done in Iran.
       

    9. Re:Are there any viable North Korean targets? by AmiMoJo · · Score: 1

      True, the US is much more vulnerable to severe damage by cyber attack. NK goes offline for a day, little effect. Sony gets hacked...

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. No surprise by Anonymous Coward · · Score: 0

    Scientists and academics are by far the most credulous demographic, and they're pretty ignorant about the real-world risks.

    Thanks to years of edu^H^H^Hindoctrination that selectively breeds them...

  3. Re:All malware authors should be executed by ctrl-alt-canc · · Score: 4, Funny

    > All malware authors should be executed

    Isn't it enough to execute their code instead?

  4. TL;DR Don't use Windows by Anonymous Coward · · Score: 0

    Don't use Windows and you're safe. Now OS/X is a botnet in itself, so I'd recommend FreeBSD, DragonFly or Linux. Plenty of choice there.

    1. Re:TL;DR Don't use Windows by Anonymous Coward · · Score: 0

      What do you mean with OS/X (Mac OS X?) being a botnet?

  5. Custom hosts files blocklist vs. JAKU botnet by Anonymous Coward · · Score: 0, Informative


    APK

    P.S.=> Courtesy https://www.forcepoint.com/sit... ... apk

  6. scientists and engineers? by Anonymous Coward · · Score: 0

    Sounds like a spy-novel story to be used as a cover for some TLA bureaucracy activity...
    ( I know.... tin-hat... )
    And quite possibly for a mega-corp hoping to find new workers to HB1 import....

  7. Re:All malware authors should be executed by Anonymous Coward · · Score: 0

    chmod 711 malware.authors

  8. The planet is Jakku, not Jaku by Anonymous Coward · · Score: 0

    I don't know what the fuck Jaku is, but it's not a reference to Star Wars.

    1. Re:The planet is Jakku, not Jaku by Anonymous Coward · · Score: 0

      I don't know what the fuck Jaku is, but it's not a reference to Star Wars.

      The bad guy from Samurai Jack?

    2. Re: The planet is Jakku, not Jaku by geekbastard · · Score: 1

      I logged in just to make the same comment, you beat me to it

  9. Short Shameful Confession by mi · · Score: 4, Funny

    This Unusual Botnet Targets Scientists, Engineers, and Academics

    I feel left out and unaccomplished...

    --
    In Soviet Washington the swamp drains you.
    1. Re:Short Shameful Confession by Anonymous Coward · · Score: 0

      You'll just have to live and put up with normal Botnet Malware installed on your machine... ;)

    2. Re:Short Shameful Confession by Anonymous Coward · · Score: 0

      This Unusual Botnet Targets Scientists, Engineers, and Academics

      I feel left out and unaccomplished...

      Huh? You're on /. with a sub 200,000 registration number, still commenting.

      That sounds like fake humbleness ;)

    3. Re:Short Shameful Confession by Anonymous Coward · · Score: 0

      Unlike this guy, who is adored beyond all comprehension!
      https://www.youtube.com/watch?v=HvnVDHdNzhg


  10. Re:All malware authors should be executed by T.E.D. · · Score: 3, Funny

    Given where this appears to have come from, any coders who refuse to work on the botnet when asked are likely executed.

    If N. Korea doesn't get around to executing them, they will likely starve to death instead.

  11. Re: All malware authors should be executed by Anonymous Coward · · Score: 0

    Let's just get Trump to build a firewall around them. That'll put an end to the problem once and for all.

  12. This is part of the "Pacific strategy" by Anonymous Coward · · Score: 0

    that the White House spoke about a year ago. It's to keep full insight into industrial and technological advancements and initiatives in those regions, again, to try to stay one step ahead.

  13. Global Warming by Anonymous Coward · · Score: 0

    It's a propaganda botnet designed to accelerate the propagation of dis-information regarding the global warming conspiracy theory in an effort to enforce a global carbon tax on the earth's population, as per globalist's plan for a New World Order.

  14. Re:For best hosts file vs. botnets & other thr by Anonymous Coward · · Score: 0

    Oh god, Slashdot's most prominent purveyor of computer fucking shiteware is back.

  15. "Both are countries" by IRGlover · · Score: 2

    For years I had heard references to 'South Korea' and 'Japan', but no-one ever seemed entirely sure what they were, so they were always shrouded in a bit of mystery for me. So imagine my joy when a /. summary actually provides a definitive answer. They are countries! and it seems that they are (probably) part of a contiguous landmass that also includes North Korea! So much now makes sense!

  16. Re:For best hosts file vs. botnets & other thr by Anonymous Coward · · Score: 0

    You really are an unspeakable tit. Seriously, what is your obsession with hosts files? They're a bad solution to this problem.

  17. You haven't done better & it works... apk by Anonymous Coward · · Score: 0

    See subject: ... & other /.'ers disagree per the upmod on my post that STOPS JAKU COLD https://news.slashdot.org/comm... - via my designing a MORE efficient & MORE POWERFUL in abilities tool that uses what you ALREADY NATIVELY HAVE vs. stupidly & illogically "Bolting on 'MoAr'" like an IDIOT would (like you no doubt).

    Me? I'm happy to know I created something that works vs. myriad forms of threats online (as I have the ability to do so - you don't, lol!) that SPEEDS YOU UP 2 WAYS (whereas other "so-called 'solutions'" don't & instead SLOW YOU DOWN adding more complexity + room for exploitation/breakdown OR power consumption etc.!

    * :)

    APK

    P.S.=> I don't have time for your unidentifiable coward weasel b.s. today & I'm going to CELEBRATE THAT UPMOD of my post w/ "Turning Japanese" (while I laugh @ losers like you) -> https://www.youtube.com/watch?... ... apk

    1. Re:You haven't done better & it works... apk by Anonymous Coward · · Score: 0

      Sure, it's a red-letter day when you score 1 point on a slashdot post... and it is a shame that we're all so technologically backwards that we couldn't possibly write a fancy tool to update a text file - it's just beyond our feeble minds.

    2. Re:You haven't done better & it works... apk by Anonymous Coward · · Score: 0

      I like how he acts as if a piece of malware can't just implement its own DNS lookup that bypasses the hosts file. DNS 2 HRD!

    3. Re:You haven't done better & it works... apk by Anonymous Coward · · Score: 0

      Guys, guys, stop it already with the sarcasms. He can't detect or understand it.

      Hi Peter, nice to see you around again. Off your meds?

      Love,

      Dad.

    4. Re:You haven't done better & it works... apk by Anonymous Coward · · Score: 0

      I like how apk cut you to shreds on DNS and antivirus that you ran https://news.slashdot.org/comm... and you said he avoids objections there? Apk systematically destroyed you with facts from reputable security sources.

    5. Re:You haven't done better & it works... apk by Anonymous Coward · · Score: 0

      I know, I know!! I'm now 100% positive that APK is Trump!

  18. Re:For best hosts file vs. botnets & other thr by Anonymous Coward · · Score: 0

    A custom hosts file is not 'shiteware' nor is it the only layer of security. It is what it is. Purveyors are purveyors - they get paid.

  19. Re:For best hosts file vs. botnets & other thr by Anonymous Coward · · Score: 0

    This totally sounds like someone else and not APK at all.

  20. Just cut them off already by Anonymous Coward · · Score: 0

    ... not just the internet; embargo anything and everything that could possibly be considered a luxury, telephones, banking, electronics including the champagne and mac books that Kim fat bastard is so fond of.

  21. How would they know? by Anonymous Coward · · Score: 0

    So how did Force Bum security know it targets scientists? Do they have a magic scientist detector? Nah, they came up with the angle to market this malware and in doing so market themselves (P.S. Not their real name)

  22. DNS = security issue resource hog nightmare by Anonymous Coward · · Score: 0

    See subject & this (titles of each are self-explanatory from reputable security community sources) https://news.slashdot.org/comm...

    * :)

    It also consumes TONS of RAM, is more difficult to configure for users by FAR, & is a security issue riddled nightmare! Proofs by the 100's are in the link above.

    (As far as your "theoretical bullshit"? That's EASY to stop too - by disallowing access to said ROGUE DNS servers via firewalls or network perimeter defenses which HOSTS COMPLEMENT!)

    APK

    P.S.=> You're nothing more than an unidentifiable no balls weasel coward "ne'er-do-well" jealous fool & you KNOW it (I certainly do) that can't compete w/ me OR my methods for giving users more speed, security, reliability + anonymity online for TONS LESS (& I'm replying to annihilating YOU w/ data in that link above as far as DNS massive issues... lol!)... apk

    1. Re:DNS = security issue resource hog nightmare by Anonymous Coward · · Score: 0

      Sure, we're "jealous" of your incredible abilities and skills. That's it! You keep telling yourself that. You aren't an overbearing, egotistical nutbar at all! Hosts files suck anyway, why don't you waste some more precious life telling us why they don't?

  23. Re:Hi "ne'er-do-well" blowhard! by Anonymous Coward · · Score: 0

    You know how it's completely pointless to argue with a drunk because they're irrational and have no capacity for reason? That.

  24. I ask you to show you've done better blowhard by Anonymous Coward · · Score: 0

    See subject: LOL, You can't. End of story, you lose failboy https://news.slashdot.org/comm... and you're also hiding behind unidentifiable ac posts too from you?

    Please: Make us laugh at you more!

    (Your reaction is priceless proving apk made you dance for us like a puppet on his string of truth about you. You're a do nothing blowhard troll. Hilarious!)

    APK

    P.S.=> I love showing everyone here what the "character" (lack of) is from jokes like you, lol - Thanks for helping me do it with your "Run, Forrest: RUN!!!" from my challenge to you above... apk

  25. Couldn't have said it better myself... apk by Anonymous Coward · · Score: 0

    See subject: However, "poor imitation" = the SINCEREST FORM OF FLATTERY, Mr. Paper Rose (you gave it away in that post of yours).

    * Not a '1st' in you trolls posting as myself either... lol, FAR from it in fact (but you did state the truth in my favor - I'll give you that much).

    APK

    P.S.=> In any event? It really IS a huge treat for me in MY KNOWING a blowhard loser "ne'er-do-well" PUNY unidentifiable troll giving me guff who's unable to do a more efficient logical solution from a single file you already have exists - he makes ME look GOOD & himself? LOL, well... you know (not so good)... apk

  26. Tracking potential defectors by axewolf · · Score: 1

    As soon as I hear anything blamed on North Korea, I think to analyze whether or not the western government would have an interest in the culpable act.

    It sounds likely to me that the west is keeping a very sharp eye out for defectors. South Korea and Japan as governments are slaves to western interest, but North Korea is gaining appeal despite what you may hear in the western media. Russia is also gaining allies. The glamour of western capitalism is wearing off and the west doesn't want their vital resources worn off with it. Their surveillance powers are less concrete in the asian colonies. Too much to explain to too many people (who don't speak "western business" let alone English proficiently). So a direct approach like malware is good.

  27. Botnet infecting victims across the globe? by khz6955 · · Score: 1

    Surely, botnets infect computers, specifically Microsoft Windows in this case. How exactly does JAKU initially infect the victims?

  28. China's industrial espionage by Anonymous Coward · · Score: 0

    I'll bet you diamonds to doughnuts that it's China doing industrial espionage.

  29. Anti-intellectualism by Anonymous Coward · · Score: 0

    Anti-intellectualism at its worst.
    Notice how both NON-GOV and GOV organizations are targeted, the common theme here is anyone who is doing HI-TECH and SCIENCE TARGETED!!!

  30. Trisolarans & The Three Body Problem by troutinator · · Score: 1

    This sounds oddly similar to the tactics of the Trisolarans in "The Three Body Problem" by Liu Cixin.

    "Trisolarans developed the Sophon technology (a word amalgamation of Sophia, meaning "wisdom", and Proton, consisting of a supercomputer embedded into a single proton that could fold itself to eleven space dimensions), with plans for two such Sophons to secure the complete lockdown of Earth's scientific research and development. " -- https://en.wikipedia.org/wiki/...

  31. Re:I actually have a point to make though by Anonymous Coward · · Score: 0

    they don't even HAVE 'drunk' as an excuse

    I take that as an admission that you do. In hindsight, that explains a lot of your incoherent rambling over the past 15 years. Thanks for the clarification drunkard.

  32. When you can do a better program? by Anonymous Coward · · Score: 0

    See subject: Is the day you can talk! Clearly, you haven't & you never will! I'm no drunk but you clearly project you are... as well as a do-nothing "ne'er-do-well" mere TALKER that hides behind unidentifiable ac posts on your part (i.e. - you have NO balls @ all, whatsoever, in this life).

    APK

    P.S.=> It does more for speed, security, reliability, & anonymity than ANY other SINGLE "so-called competitor" out there, bar-none for TONS less... apk

    1. Re:When you can do a better program? by Anonymous Coward · · Score: 0

      I'm no drunk but you clearly project you are

      How can one project that he is drunk? Whichever way I read it, that sentence doesn't even begin to make sense.

      This is the kind of verbiage I expect only a psychotic or drunk person to use.

    2. Re:When you can do a better program? by Anonymous Coward · · Score: 0

      Apk said prove him wrong on hosts or write a better program for hosts. Trolls can't. Good enough convincing me he's right. It's what puts the trolls away and it's funny when he rubs it in their faces they're ne'er-do-wells too!

  33. Best hosts file vs. botnets & other threats by Anonymous Coward · · Score: 0

    APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...

    Less power/cpu/ram + IO use vs. DNS/routers/antivirus + less security issues/complexity. Complements firewalls (w/ layered drivers blocking less used IP addys vs. hosts blocking more used domains) & DNS (lighten dns load). Gets data via 10 security sites.

    Ads rob bandwidth/speed paid for, security (openbid adnetworks abuse), privacy in tracking + anonymity.

    Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogtrackers) natively. Hosts != blockable by ClarityRay (like. souled-out to admen inferior wasteful redundant slower usermode browser addons)

    Works vs. caps & HTTP PUSH ads w/ firewalls.

    APK

    P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "I've seen the code & yes it is safe" http://forum.hosts-file.net/vi... )

  34. Hi "ne'er-do-well" blowhard! by Anonymous Coward · · Score: 0

    What've YOU done better giving users more speed, security, reliability & anonymity w/ what you have natively https://news.slashdot.org/comm... doing tons more for TONS less than that? Answer = N O T H I N G / Z E R O!

    * Show us blowhard - LMAO: You can't!

    All you CAN do is PROJECT your own issues onto me (too much drugs slowed up your already DULL brain so much you can't DO BETTER than I have? Absolutely... lol!)

    (LMAO - all "your kind" can do is "talk", but you're not DOERS... you're losers (& you KNOW it)).

    APK

    P.S.=> "... And silence reigned in heaven for about the space of an hour" as I silence puny LOSER /. trolls with ease, lol... apk

  35. My challenge still stands... apk by Anonymous Coward · · Score: 0

    See subject: One "ne'er-do-well" unidentifiable no talent or balls ac posting nobody LOSERS on /. can never meet https://news.slashdot.org/comm...

    * LMAO - & they KNOW it... they can't DO better.

    APK

    P.S.=> Downmoderate my posts ALL DAY LONG & I'll just repost them showing EVERYONE what you are (which they already know, I just LOVE rubbing the salt into your thousands of wounds "your kind" inflicts on themselves their ENTIRE wasted lives)... apk

  36. What's that got to do w/ me tearing you up? by Anonymous Coward · · Score: 0

    See subject: Rather easily on DNS+Antivirus' many shortcomings in inefficiency & security vs. hosts https://news.slashdot.org/comm... ?

    * Titles of each of my replies there are self-explanatory with 100's of supporting evidences from reputable sources - which is a hell of a LOT more than a bigmouth zero like you had & it shut you up.

    APK

    P.S.=> I have to THANK you though... why? Well, heck - you make ME look GREAT & yourself what you evidence yourself to be - a fucking LOSER "ne'er-do-well" w/ NO BALLS weasel trolling freak... apk